What would be effective results of a security investment for a small business and how does it compare to larger corporations?

1. What would be effective results of a security investment for a small business and how does it compare to larger corporations? Should it include important concepts from governmental and public/private sectors?

2. Should external stakeholders been involved in the decision-making process of risk management plans? Explain how various decision makers have different responsibilities and necessities for the inputs and outputs within an organization?

3. What are some of the key roles and responsibilities of government, industry, academia, and other non-governmental organizations with respect to critical infrastructure risk?